---

# Cant use the ansible dnf module here. It doesnt work without these pacakges.
# Therefore using command module
- name: Install python and deps for ansible modules
  command: dnf install --refresh -y python2 python2-dnf libselinux-python


- name: Install stuff
  dnf: name={{ item }} state=latest
  with_items:
    # Those things are explicitly listed in Vagrantfile
    # https://pagure.io/fm-orchestrator/blob/master/f/Vagrantfile
    # Should they be covered by spec file?
    - fedmsg-hub
    - fedmsg-relay
    - fedpkg
    - gcc
    - gcc
    - gcc-c++
    - krb5-workstation
    - libffi-devel
    - openssl-devel
    - python-virtualenv
    - redhat-rpm-config
    - redhat-rpm-config
    - swig
    - systemd-devel

    # Not covered by Vagrantfile nor .spec file,
    # but it seems to be required
    - python-systemd

    # Required for copr
    - copr-cli
    - python-copr


- name: Install module-build-service package
  dnf: name=module-build-service state=latest


# Post-install stuff

# We don't need following configs because everything required is set in
# module_build_service.py. It only causes problems with overriding our settings
- name: Remove redundant fedmsg.d files
  file: path="{{item}}" state=absent
  with_items:
    - /etc/fedmsg.d/endpoints.py
    - /etc/fedmsg.d/relay.py
    - /etc/fedmsg.d/ssl.py


- name: Don't listen to fedora-infra stg hub
  lineinfile:
    dest: /etc/fedmsg.d/module_build_service.py
    regexp: '"tcp://stg.fedoraproject.org:9940"'
    line: '#"tcp://stg.fedoraproject.org:9940"'

- name: Listen to fedora-infra hub
  lineinfile:
    dest: /etc/fedmsg.d/module_build_service.py
    regexp: '#"tcp://hub.fedoraproject.org:9940"'
    line: '"tcp://hub.fedoraproject.org:9940"'

- name: Listen to copr-be-dev
  lineinfile:
    dest: /etc/fedmsg.d/module_build_service.py
    insertafter:
    line: "{{ item }}"
  with_items:
    - "    config['endpoints']['relay_outbound'].append('tcp://{{ copr_backend_ips[0] }}:4001')"
    - "    config['relay_inbound'].append('tcp://{{ copr_backend_ips[0] }}:2003')"
  when: env == "staging"


# We want to run fedmsg-hub as 'mbs' user, because we don't want to rpmbuild as 'fedmsg'
- name: Copy modified fedmsg-hub.service file
  copy: src=fedmsg-hub.service dest=/etc/systemd/system/fedmsg-hub.service
  notify: daemon reload


# Create user and group for mbs
- name: Create group for mbs-frontend
  group: name=mbs state=present gid=1002

- name: Create user for mbs-frontend
  user: name=mbs group=mbs uid=1002



# The config provided by MBS package is a python file
# Instead of replacing values by regex in such file, rather rename
# the original file and then install own configuration file which
# inherits the original one and then customizes it.
- name: Stat base_config
  stat: path=/etc/module-build-service/base_config.py
  register: base_config_stat

- name: Move config.py to base_config.py
  command: mv /etc/module-build-service/config.py /etc/module-build-service/base_config.py creates=/etc/module-build-service/base_config.py

- name: Touch __init__.py file
  file: path=/etc/module-build-service/__init__.py state=touch

- name: Copy production config
  template: src=config.py dest=/etc/module-build-service/config.py

- name: Copy config for copr-cli
  template: src=copr.conf dest=/etc/module-build-service/copr.conf


- name: Upgrade database
  command: mbs-upgradedb

- name: Generate cert
  command: mbs-gencert
  args:
    creates: /etc/module-build-service/server.crt

- name: generate cacert.pem
  shell: cat /etc/module-build-service/server.crt /etc/module-build-service/server.key > /etc/module-build-service/cacert.pem
  args:
    creates: /etc/module-build-service/cacert.pem

- name: Chown /etc/module-build-service to mbs:mbs
  file: path=/etc/module-build-service owner=mbs group=mbs recurse=yes mode=g+w

- name: Add copr-fe to mbs group
  user: name=copr-fe groups=mbs append=yes

- name: Allow writing into DB file in SELinux
  file: path="{{item}}" setype=httpd_sys_rw_content_t
  with_items:
    - /etc/module-build-service
    - /etc/module-build-service/module_build_service.db

# Run module-build-service processes
- name: Enable fedmsg-relay
  service: name=fedmsg-relay enabled=yes state=started

- name: Run fedmsg-hub
  service: name=fedmsg-hub enabled=yes state=started



# Prepare and run MBS frontend
- name: Create /opt/module-build-service
  file:  path=/opt/module-build-service state=directory

- name: Copy mbs.wsgi file
  copy: src=mbs.wsgi dest=/opt/module-build-service/mbs.wsgi

- name: Create vhosts directory
  file: path=/etc/httpd/conf/vhosts/mbs state=directory

- name: Copy httpd/mbs.conf to vhosts directory
  copy: src=httpd/mbs.conf dest=/etc/httpd/conf/vhosts/mbs/mbs.conf
  notify: reload httpd
